Robert Falcone, Author at Unit42

16,115

people reacted

Updated BackConfig Malware Targeting Government and Military Organizations in South Asia

By Alex Hinchliffe and Robert Falcone
May 11, 2020 at 9:30 PM

16 min. read

25,658

people reacted

APT41 Using New Speculoos Backdoor to Target Organizations Globally

By Bryan Lee, Robert Falcone and Jen Miller-Osborn
April 13, 2020 at 5:45 PM

7 min. read

21,211

people reacted

Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations

By Robert Falcone, Bryan Lee and Alex Hinchliffe
March 3, 2020 at 6:00 AM

28 min. read

23,073

people reacted

Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations

By Robert Falcone
February 3, 2020 at 6:00 AM

13 min. read

16,717

people reacted

xHunt Campaign: New Watering Hole Identified for Credential Harvesting

By Brittany Barbehenn and Robert Falcone
January 27, 2020 at 6:00 PM

7 min. read

19,053

people reacted

xHunt Campaign: xHunt Actor’s Cheat Sheet

By Robert Falcone
December 4, 2019 at 8:00 PM

19 min. read

27,149

people reacted

xHunt Campaign: New PowerShell Backdoor Blocked Through DNS Tunnel Detection

By Robert Falcone and Brittany Barbehenn
October 10, 2019 at 5:00 AM

11 min. read

44,811

people reacted

xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations

By Robert Falcone and Brittany Barbehenn
September 23, 2019 at 6:00 AM

22 min. read

46,065

people reacted

Emissary Panda Attacks Middle East Government SharePoint Servers

By Robert Falcone and Tom Lancaster
May 28, 2019 at 6:00 AM

13 min. read

51,600

people reacted

Behind the Scenes with OilRig

By Bryan Lee and Robert Falcone
April 30, 2019 at 6:00 AM

24 min. read

39,164

people reacted

Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign

By Robert Falcone and Brittany Barbehenn
April 17, 2019 at 12:01 AM

14 min. read

DNS Tunneling in the Wild: Overview of OilRig’s DNS Tunneling

By Robert Falcone
April 16, 2019 at 9:00 AM

37 min. read

28,810

people reacted

New Python-Based Payload MechaFlounder Used by Chafer

By Robert Falcone and Brittany Barbehenn
March 4, 2019 at 6:00 AM

8 min. read

DarkHydrus delivers new Trojan that can use Google Drive for C2 communications

By Robert Falcone and Bryan Lee
January 18, 2019 at 10:40 AM

14 min. read

Shamoon 3: Modified Open-Source Wiper Contains Verse from the Quran

By Robert Falcone
December 19, 2018 at 9:00 AM

10 min. read

Posts created by: Robert Falcone

Updated BackConfig Malware Targeting Government and Military Organizations in South Asia

APT41 Using New Speculoos Backdoor to Target Organizations Globally

Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations

Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations

xHunt Campaign: New Watering Hole Identified for Credential Harvesting

xHunt Campaign: xHunt Actor’s Cheat Sheet

xHunt Campaign: New PowerShell Backdoor Blocked Through DNS Tunnel Detection

xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations

Emissary Panda Attacks Middle East Government SharePoint Servers

Behind the Scenes with OilRig

Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign

DNS Tunneling in the Wild: Overview of OilRig’s DNS Tunneling

New Python-Based Payload MechaFlounder Used by Chafer

DarkHydrus delivers new Trojan that can use Google Drive for C2 communications

Shamoon 3: Modified Open-Source Wiper Contains Verse from the Quran

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account